A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85 and classified as critical. This issue affects some unknown processing of the component Network Config. The manipulation leads to privilege escalation. The attack may be initiated remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2017/Mar/58 | Exploit Mailing List Third Party Advisory |
https://vuldb.com/?id.98933 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
17 Jun 2022, 19:12
Type | Values Removed | Values Added |
---|---|---|
First Time |
Solar-log solar-log 800e Firmware
Solar-log solar-log 250 Firmware Solar-log solar-log 1000 Pm\+ Solar-log solar-log 1200 Solar-log solar-log 1000 Solar-log solar-log 500 Solar-log solar-log 300 Solar-log solar-log 300 Firmware Solar-log solar-log 500 Firmware Solar-log solar-log 800e Solar-log solar-log 2000 Solar-log solar-log 250 Solar-log solar-log 2000 Firmware Solar-log solar-log 1000 Pm\+ Firmware Solar-log solar-log 1000 Firmware Solar-log Solar-log solar-log 1200 Firmware |
|
References | (MISC) https://vuldb.com/?id.98933 - Third Party Advisory | |
References | (MISC) http://seclists.org/fulldisclosure/2017/Mar/58 - Exploit, Mailing List, Third Party Advisory | |
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CPE | cpe:2.3:o:solar-log:solar-log_1000_pm\+_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_2000_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_300:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_250_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_800e:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_500_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_1000_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_2000:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_800e_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_250_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_800e_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_300_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_1200_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_250:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_1000_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_2000_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_300_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_500_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_1000_pm\+:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_1200_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_500:-:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_1000:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_1000_pm\+_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_1200:-:*:*:*:*:*:*:* |
09 Jun 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-09 23:15
Updated : 2023-12-10 14:22
NVD link : CVE-2017-20023
Mitre link : CVE-2017-20023
CVE.ORG link : CVE-2017-20023
JSON object : View
Products Affected
solar-log
- solar-log_800e
- solar-log_800e_firmware
- solar-log_250_firmware
- solar-log_250
- solar-log_300
- solar-log_1000
- solar-log_2000_firmware
- solar-log_1200
- solar-log_1000_pm\+
- solar-log_500
- solar-log_1000_pm\+_firmware
- solar-log_1200_firmware
- solar-log_300_firmware
- solar-log_1000_firmware
- solar-log_2000
- solar-log_500_firmware
CWE